News
NCC-CSIRT identifies two cyber attacks via Facebook, charging phones

Nasiru Yusuf
The Nigerian Communications Commission’s Cyber Security Incident Response Team (NCC-CSIRT) has independently identified two cyber vulnerabilities and advised Nigerian telecom consumers on the measures to be taken to get protected from the cyber-attacks.
KANO FOCUS reports that the CSIRT, in its first-ever security advisories less than three months after its creation, has solely identified the two cyber-attacks targeting the consumers and proffer solutions that can help telecom consumers from falling victims to the two cyber vulnerabilities.
This is contained in a statement sent to KANO FOCUS by Director, Public Affairs Dr. Ikechukwu Adinde on Friday.
The statement said the first is described as Juice Jacking, which can gain access into consumers’ devices when charging mobile phones at public charging stations and it applies to all mobile phones.

The other is a Facebook for Android Friend Acceptance Vulnerability, which targets only Android Operating System.
According to CSIRT security Advisory 0001 released on January 26, 2022, with Juice Jacking, attackers have found a new way to gain unauthorized entry into unsuspecting mobile phone users devices when they charge their mobile phones at public charging stations.
Many public spaces, restaurants, malls and even in the public trains do offer complementary services to their customers in a bid to enhance customer services, one of which is providing charging ports or sockets.
However, an attacker can leverage this courtesy to load a payload in the charging station or on the cables they would leave plugged in at the stations.
“Once unsuspecting persons plug their phones at the charging station or the cable left by the attacker, the payload is automatically downloaded on the victims’ phone.
“This payload then gives the attacker remote access to the mobile phone, allowing them to monitor data transmitted as text, or audio using the microphone. The attacker can even watch the victim in real time if the victims’ camera is not covered. The attacker is also given full access to the gallery and also to the phone’s Global Positioning System (GPS) location.
“When an attacker gains access to a user’s Mobile phone, he gets remote access to the User’s phone which leads to breach in Confidentiality, Violation of Data Integrity and bypass of Authentication Mechanisms. Symptoms of attack may include sudden spike in battery consumption, device operating slower than usual, apps taking a long time to load, and when they load they crash frequently and cause abnormal data usage,” the statement said.
It added that the NCC-CSIRT, however, proffered solutions to this attack to include using ‘charging only USB cable’, to avoid Universal Serial Bus (USB) data connection; using one’s AC charging adaptor in public space; and not granting trust to portable devices prompt for USB data connection.
Other preventive measures against Juice Jacking, according to the statement include installing Antivirus and updating them to the latest definitions always; keeping mobile devices up to date with the latest patches; using one’s own power bank; keeping mobile phone off when charging in public places; as well as ensuring use of one’s own charger, if one must charge in public.
On the other hand, the NCC-CSIRT Advisory 0001 of January 27, 2022, warns that Facebook for Android is vulnerable to a permission issue which gives privilege to anyone with physical access to the android device to accept friend requests without unlocking the phone. The products affected include Versions 329.0.0.29.120 of Android OS.
With this, the attacker will be able to add the victim as a friend and collect personal information of the victim, such as Email, Date of Birth, Check-ins, Mobile phone number, Address, Pictures and other information that the victim may have shared, which would only be visible to his/her friends.
However, to be protected from the Facebook-associated vulnerability, NCC-CSIRT in the security advisory recommends to users to disable the feature from their device’s lock screen notification settings.
The NCC-CSIRT was inaugurated in October, 2021 to provide guidance and direction for the constituents in dealing with issues relating to the security of critical infrastructure in their possession, and periodically assess, review and collate the threat landscape, risks, and opportunities affecting the communications sector, in order to provide advice to relevant stakeholders in those regards.
As the telecoms-industry specific intervention, the objective of which aligns with the objective of the National Cybersecurity Policy and Strategy (NCPS) document published by the Office of the National Security Adviser (ONSA), the NCC-CSIRT ensures continuous improvement of processes and communication frameworks to guarantee secure and collaborative exchange of timely information while responding to cyber threats within the sector.
In recent times, NCC-CSIRT has raised series of cyber-vulnerability awareness based on security advisories it receives from the Nigerian Cybersecurity Emergency Response Team (ngCERT), which is the national body for the implementation of the NCPS objective. However, Juice Jacking and Facebook for Android Friend Acceptance Vulnerabilities are the two first-ever cyber vulnerabilities published by the NCC-CSIRT.

Headlines
Gov Yusuf rejects tribunal judgement, heads to appeal court

Nasiru Yusuf Ibrahim
The Kano State Governor, Abba Kabir Yusuf, has vowed to appeal the judgement of the governorship election tribunal which nullified his election and declared the APC candidate, Nasiru Yusuf Gawauna as the winner.

KANO FOCUS reports that Yusuf made the declaration on Wednesday night, while making a broadcast to the people of the state.
He said his legal team had been directed to appeal the judgement at the court of appeal in order to reclaim the mandate given to him by the people of the State.
He, therefore, Called on the good people of the state to remain calm and continue to be law abiding as security agents have been directed to ensure the safety of lives and property of the citizens.
“Let me assure you that the this government would continue to work for the development of the people of the state as the judgement will never dampen our spirit or discourage us from the good work we have started.” he said.
The Governor, who thanked the people of the state for their continued support and cooperation, urged them to go about with normal activities.

Headlines
Kano records 5,800 cases of Diphtheria – UNICEF

Nasiru Yusuf Ibrahim
The United Nations Children’s Fund (UNICEF), on Tuesday, said that Kano State has recorded 5,800 suspected cases of Diphtheria from January to date.

KANO FOCUS reports that the Head, UNICEF Field Office, Kano, Mr Rahama Mohammned-Farah, stated this in Kano during a one-day media orientation on Diphtheria outbreak.
The UN Agency said the cases were recorded in 39 local government areas of the state.
According to him, Kano State has the highest number of recorded cases in the country, adding that Diphtheria was a highly contagious and infectious disease that could cause death.
Mohammned-Farah stressed that proactive measures were necessary to stem the outbreak.
“Recently, we have seen a surge in the number of reported Diphtheria cases in Nigeria, and Nigeria is currently facing an outbreak that needs to be stopped and prevented.
“As of July, Diphtheria cases have been on the rise. As of last week, over 400 suspected cases with 11 deaths have been reported in Kano.
“Out of the 39 LGAs affected, eight are the most affected, including Ungogo with 2,651 cases; Dala 989, Fagge 943, Gwale 714, Kumbotso 713, Nasarawa 538, Kano Municipal 506 and Tarauni 269,” he said.
He said that 60.8 per cent of the suspected cases had been reported in children not vaccinated, which reinforced the critical need to address the issue of zero doses, especially in Kano State.
“UNICEF delivered 1.2 million vaccines to the Kano State Government in our continuing support to the government response to Diphtheria outbreak.
“Diphtheria outbreak is a threat to child survival, health and the wellbeing of children. UNICEF is collaborating with government and partners to respond to the emergency to save the lives of children affected.
“In Kano state, UNICEF supported Tetanus-Diphtheria reactive vaccination campaigns in February, April and August, vaccinating 23,200 children in round one.
“While 277,796 children vaccinated in round two and 29,500 others in round-3 of the exercise.
“We engaged 150 traditional leaders on Diphtheria outbreak and distribution of Diphtheria IEC materials, and deployed 1,500 VCMs to the worst affected LGAs to conduct house-to-house sensitisations and referral of suspected cases to health facilities.
“Media has a key role to play particularly in infection prevention, and risk communication and community engagement,” he said.
Also speaking, Dr Muhammad Nasir-Mahmoud, the Director-General, Kano State Primary Healthcare Management Board, said the state government had adopted drastic measures to curtail spread of the disease.
“We are committed towards educating the public about what is happening and the National Center for Disease Control (NCDC) has promised that Kano will be accorded priority in terms of vaccine distribution,” he said.
While describing the media as partners in the fight against Diphtheria, Nasir-Mahmoud urged them to support the campaign against the disease.

Headlines
IPAC appeals to Kano governorship tribunal to be impartial

Mukhtar Yahya Usman
The Interparty Advisory Council of Nigeria (IPAC) has urged the judges of the Kano election petition tribunal court to discharge its duties with utmost integrity and impartiality.
KANO FOCUS reports that this was contained in a statement issued by the organization secretary Kano chapter Nuhu Idris on Tuesday.
IPAC also called upon the tribunal to consider each case diligently and ensure that all the parties involved are given equal opportunities to present their argument and evidence.
It could be recalled that the election tribunal has fixed Wednesday 20th September 2023 to deliver judgment on APC’s petition against Abba Kabir Yusuf.

A hearing notice issued by the Secretary of the election petition tribunal on Monday said the judgment would be delivered at 9.00 a.m., at the High Court of Miller Road in Kano.
Mr Idris said the organization has acknowledged the importance of the electoral process in a democratic society, where the voice and choice of the people are paramount.
He said the ongoing legal proceedings before the tribunal are a testament to the vibrancy of democracy and the resolve of citizens to seek redress through legal means.
“IPAC firmly believes that justice must not only be done but must also be seen to be done.
“We, Therefore, implore the tribunal to maintain transparency in its proceedings allowing the public and all concerned parties to have confidence in the outcome of the legal process, the statement said.
He added that it is essential that the tribunal’s decisions are guided by the rule of law and the facts presented, rather than any external influence.
